Our Values

Our Values

At NTConnections, our values are the principles of the way we operate our businesses. From the way we work internally each day, to the relationships we foster with our customers and communities, we are guided by four core values.

Lead

Being a leader is not defined by a title but defined by actions. Our team has aligned our values and vision to empower our team members to exceed expectations.

Guide

We strive every day to exceed your expectations by having extraordinary attention to detail and always proving our commitment to your business.

Maintain

We aim to maintain our clients’ technology to ensure that technology issues become a thing of the past.

Trust

Trust is important not just in our own organization but within relationships we establish with our clients. We want to become your trusted source for all things technology.

Intel Chip Vulnerabilities: What We Know So Far!

What Do We Know About Terminal Fault (L1TF) Chip Vulnerabilities?

Understanding The L1 Terminal Fault (L1TF)

Intel has recently confirmed L1 Terminal Fault (L1TF) chip vulnerabilities in its processors that can be manipulated by malware and malevolent virtual machines with the intention of stealing private information from a computer’s memory.

Who or What is Vulnerable?

In short, Intel’s desktop, workstation, and server CPUs are exposed. What Intel initially described as impregnatable memory, has been found to have holes. That means sensitive data from other software and other customers’ virtual machines can be stolen from malicious software and guest virtual machines either on a vulnerable device or a cloud platform.

This private information may involve personal and financial accounts, passwords, and encryption keys. Also, they pose a threat to be taken from other customers’ virtual machines, including both System Management Mode (SMM) memory and SGX enclaves.

SGX, made by Intel technology, is intended to guard private information from code geared to peep and pry.

SMM serves as a computer’s clean-up operator. This is an alternate software system that is usually placed in the computer’s firmware. It also has total control over the computer’s hardware and absolute admittance to all of its data.

Let’s break down the three areas, which Intel has named its L1 Terminal Fault (L1TF) bugs:

Fixing this vulnerability will require the microcode update. To be safe, it is also recommended that you update your operating system and VM hypervisor. The patches should be available now for just about all operating systems.

According to Intel, “Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis.” In short, CVE-2018-3620 affects operating systems and SMM.

The Fix:

To fix this, operating system kernels will need to be patched. Also, the SMM needs the microcode update, to be safe.

Fixing CVE-2018-3646 will require the microcode, operating system, and hypervisor updates in order to protect your data.

Extra Fix:

The way hypervisor software operates is by allowing virtual machines or processors to be run off shared resources of a physical server. At the same time, they use multi-threading – a technique by which a single set of code can be used by several processors at different stages of implementation. Intel calls this Hyperthreading, and it can split one of its cores to act like two separate processors of the multi-core CPU for the hypervisor. This technique creates what Intel calls “sibling threads.”

Since these threads share a pool of L1 cache memory attached to the core, a malicious guest, on one of the virtual processors, could manipulate the third variant of the L1 Terminal Fault and get data used by the other sibling thread.

Even though the virtual processor will recognize this and deny the request of the hacker, if the data is in the cache at the same time, it can be revealed to the hacker.

Both CVE-2018-3620 and CVE-2018-3646 were discovered by Intel’s engineers after the university researchers who discovered “Foreshadow” informed Intel about CVE-2018-3615, the SGX issue.

The Ultimate Fix

The real fix to all these problems will be made by replacing the processors. As Intel stated, when addressing L1TF, “These changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year.”

For now, the best advice is to keep patching and be aware of any changes you see in the area of performance and speed with the patches.